Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/sYFt3rrUBuJk57Y3zAGFmZOltic.roa
File: sYFt3rrUBuJk57Y3zAGFmZOltic.roa (raw, json)
Hash identifier: gQqoyQHjxZ3QpmMXCuD04vnCJWZx+pARGd3BNASn0U0=
Subject key identifier: B1:81:6D:DE:BA:D4:06:E2:64:E7:B6:37:CC:01:85:99:93:A5:B6:27
Certificate issuer: /CN=5ff7352d47db9785f49118092de8704a67f6520d
Certificate serial: 018CC794BA6812DC566B8215B75DFE605168
Authority key identifier: 5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/sYFt3rrUBuJk57Y3zAGFmZOltic.roa
Signing time: Tue 02 Jan 2024 00:31:01 +0000
ROA not before: Tue 02 Jan 2024 00:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43366
IP address blocks: 45.154.8.0/24 maxlen: 24
185.241.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.mft
rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ba:68:12:dc:56:6b:82:15:b7:5d:fe:60:51:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff7352d47db9785f49118092de8704a67f6520d
Validity
Not Before: Jan 2 00:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1816ddebad406e264e7b637cc01859993a5b627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:4e:24:88:5f:c7:38:b3:d1:9b:8b:a3:0c:
f3:da:28:98:55:35:08:0e:3e:6a:01:d7:29:99:93:
fa:fe:d2:12:bf:65:fa:d7:82:9b:fc:30:5e:f1:c5:
cb:d1:7a:56:09:aa:6e:73:a3:c9:dd:26:fa:3c:e0:
b4:19:70:6e:a0:f5:f7:f4:48:97:32:b8:eb:64:18:
35:91:8e:bb:a9:a6:06:64:02:1d:2e:35:34:f2:1d:
40:a6:3e:aa:65:b2:ba:bb:c5:0f:08:54:a6:c4:51:
ad:ae:8b:3d:06:a9:65:f0:08:77:c7:d5:9f:ff:64:
df:ae:f5:0d:6f:6b:87:fc:1c:73:7e:c9:4f:ce:ec:
3b:b2:00:ad:a8:5b:8a:d7:88:82:6a:de:f2:17:1c:
16:e7:ab:67:7c:bc:37:4e:67:80:6b:c9:2d:65:b4:
89:c6:54:53:a0:eb:0d:0f:09:70:b6:62:b2:a1:85:
fe:3b:de:33:ff:c5:c7:eb:8f:2f:a2:29:64:f2:0c:
98:bf:39:eb:97:78:56:f6:76:91:ff:04:df:aa:0d:
b8:4c:dd:09:4e:9f:8c:4e:99:1f:8c:d7:a6:99:3b:
d5:9b:0a:07:e4:50:a3:1d:3c:20:1c:c4:ee:e1:87:
36:e1:cd:8e:40:60:60:af:b5:b1:df:ce:72:5f:3e:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:81:6D:DE:BA:D4:06:E2:64:E7:B6:37:CC:01:85:99:93:A5:B6:27
X509v3 Authority Key Identifier:
keyid:5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/sYFt3rrUBuJk57Y3zAGFmZOltic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.8.0/24
185.241.188.0/22
Signature Algorithm: sha256WithRSAEncryption
50:13:90:8d:7b:26:4a:b6:11:51:27:89:89:84:a4:9a:88:52:
57:a4:39:19:3b:10:5c:33:92:56:d5:41:e2:3f:c9:de:59:fa:
26:4f:dd:6c:46:db:24:a9:b0:00:b1:dd:85:70:88:e9:9a:3f:
90:bf:2f:fe:cd:ba:0d:2d:2e:a7:89:b0:b6:93:c6:92:cc:c9:
95:79:75:ed:af:11:ed:b6:4e:3a:b0:7d:7d:88:f0:5e:86:29:
71:a2:d3:dc:a0:40:25:62:9a:03:94:0d:6b:17:96:7a:fb:af:
30:dc:02:81:89:47:d6:25:cf:48:7e:b0:e3:1a:ef:dc:58:70:
60:e9:24:a4:28:4f:6d:ef:86:96:24:76:52:3b:5c:cb:95:b5:
f2:65:af:00:59:60:d7:9d:08:46:cf:96:22:5e:19:49:db:ab:
fc:b2:98:40:d2:ce:f8:78:78:4f:34:bc:33:7c:b4:5e:70:59:
10:60:97:42:97:f2:93:14:20:39:c6:92:84:6b:50:d2:dd:39:
38:17:1b:a9:50:68:7c:12:b4:8e:83:43:48:a6:92:7c:d1:3a:
51:72:19:66:66:ce:31:85:cb:8d:29:c3:d5:63:d4:e3:12:26:
2a:b9:b8:0a:0a:e3:c9:86:46:59:fb:32:c5:b8:2f:b0:57:56:
5f:e0:72:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlLpoEtxWa4IVt13+YFFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjczNTJkNDdkYjk3ODVmNDkxMTgwOTJkZTg3MDRhNjdm
NjUyMGQwHhcNMjQwMTAyMDAzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTgxNmRkZWJhZDQwNmUyNjRlN2I2MzdjYzAxODU5OTkzYTViNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnelOJIhfxziz0ZuLowzz2iiYVTUI
Dj5qAdcpmZP6/tISv2X614Kb/DBe8cXL0XpWCapuc6PJ3Sb6POC0GXBuoPX39EiX
MrjrZBg1kY67qaYGZAIdLjU08h1Apj6qZbK6u8UPCFSmxFGtros9Bqll8Ah3x9Wf
/2TfrvUNb2uH/BxzfslPzuw7sgCtqFuK14iCat7yFxwW56tnfLw3TmeAa8ktZbSJ
xlRToOsNDwlwtmKyoYX+O94z/8XH648voilk8gyYvznrl3hW9naR/wTfqg24TN0J
Tp+MTpkfjNemmTvVmwoH5FCjHTwgHMTu4Yc24c2OQGBgr7Wx385yXz6f4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLGBbd661AbiZOe2N8wBhZmTpbYnMB8GA1UdIwQY
MBaAFF/3NS1H25eF9JEYCS3ocEpn9lINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9jMUxVZmJsNFgwa1JnSkxlaHdTbWYyVWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWQyYjMtN2M0Mi00Nzg1LTk1OTYt
NTE3NDgxZDBmODUwLzEvc1lGdDNyclVCdUprNTdZM3pBR0ZtWk9sdGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kNWQyYjMtN2M0Mi00Nzg1LTk1OTYtNTE3NDgxZDBmODUw
LzEvWF9jMUxVZmJsNFgwa1JnSkxlaHdTbWYyVWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZoIAwQC
ufG8MA0GCSqGSIb3DQEBCwUAA4IBAQBQE5CNeyZKthFRJ4mJhKSaiFJXpDkZOxBc
M5JW1UHiP8neWfomT91sRtskqbAAsd2FcIjpmj+Qvy/+zboNLS6nibC2k8aSzMmV
eXXtrxHttk46sH19iPBehilxotPcoEAlYpoDlA1rF5Z6+68w3AKBiUfWJc9IfrDj
Gu/cWHBg6SSkKE9t74aWJHZSO1zLlbXyZa8AWWDXnQhGz5YiXhlJ26v8sphA0s74
eHhPNLwzfLRecFkQYJdCl/KTFCA5xpKEa1DS3Tk4FxupUGh8ErSOg0NIppJ80TpR
chlmZs4xhcuNKcPVY9TjEiYqubgKCuPJhkZZ+zLFuC+wV1Zf4HJC
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:12:22 2024 by rpki-client on console-fra.rpki-client.org